VYPR

CVEs

31,173 total · page 571 of 624

  • CVE-2017-14125CriSep 25, 2017
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an add_edit_theme task in the wpdevart_gallery_themes page to wp-admin/admin.php.

  • CVE-2017-12905CriSep 25, 2017
    risk 0.65cvss 10.0epss 0.03

    Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

  • CVE-2015-4667CriSep 25, 2017
    risk 0.68cvss 9.8epss 0.11

    Multiple hardcoded credentials in Xsuite 2.x.

  • CVE-2017-14723CriSep 23, 2017
    risk 0.58cvss 9.8epss 0.10

    Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.

  • CVE-2017-14706CriSep 22, 2017
    risk 0.69cvss 9.8epss 0.28

    DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12,…

  • CVE-2017-14080CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.03

    Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.

  • CVE-2017-14078CriSep 22, 2017
    risk 0.68cvss 9.8epss 0.50

    SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

  • CVE-2017-9393CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.02

    CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.

  • CVE-2017-14637CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.02

    In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp. However, this can also cause a write to an illegal address.

  • CVE-2017-14636CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.01

    Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes memory corruption because of an attempted write to the invalid d[0xfffffffe]…

  • CVE-2017-9283CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.01

    An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.

  • CVE-2017-9282CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.01

    An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.

  • CVE-2017-7544CriSep 21, 2017
    risk 0.59cvss 9.1epss 0.03

    libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information…

  • CVE-2017-12170CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding…

  • CVE-2017-14652CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.

  • CVE-2017-14648CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A global buffer overflow was discovered in the iteration_loop function in loop.c in BladeEnc version 0.94.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.

  • CVE-2017-12930CriSep 21, 2017
    risk 0.67cvss 9.8epss 0.03

    SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.

  • CVE-2017-12928CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials.

  • CVE-2015-1187CriKEVSep 21, 2017
    risk 0.85cvss 9.8epss 0.83

    The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.

  • CVE-2015-5284CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.01

    ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

  • CVE-2017-14632CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.06

    Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

  • CVE-2017-14631CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an integer signedness error leading to a heap-based buffer overflow.

  • CVE-2017-14630CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp, leading to an invalid write operation.

  • CVE-2017-14628CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp.

  • CVE-2017-14626CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.

  • CVE-2017-14625CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.

  • CVE-2017-14624CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

  • CVE-2017-14596CriSep 20, 2017
    risk 0.64cvss 9.8epss 0.06

    In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.

  • CVE-2015-6673CriSep 20, 2017
    risk 0.64cvss 9.8epss 0.02

    Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.

  • CVE-2017-14608CriSep 20, 2017
    risk 0.59cvss 9.1epss 0.02

    In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

  • CVE-2017-12611CriSep 20, 2017
    risk 0.67cvss 9.8epss 0.88

    In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

  • CVE-2016-6795CriSep 20, 2017
    risk 0.57cvss 9.8epss 0.08

    In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side.

  • CVE-2015-4073CriSep 20, 2017
    risk 0.67cvss 9.8epss 0.04

    Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL commands via the…

  • CVE-2017-8772CriSep 20, 2017
    risk 0.64cvss 9.8epss 0.01

    On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires…

  • CVE-2017-8771CriSep 20, 2017
    risk 0.64cvss 9.8epss 0.01

    On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the…

  • CVE-2015-4683CriSep 19, 2017
    risk 0.67cvss 9.8epss 0.07

    Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.

  • CVE-2014-8686CriSep 19, 2017
    risk 0.70cvss 9.8epss 0.37

    CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.

  • CVE-2014-8684CriSep 19, 2017
    risk 0.65cvss 9.8epss 0.72

    CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic…

  • CVE-2017-12883CriSep 19, 2017
    risk 0.60cvss 9.1epss 0.06

    Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid…

  • CVE-2017-6315CriSep 19, 2017
    risk 0.68cvss 9.8epss 0.17

    Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx.

  • CVE-2017-14143CriSep 19, 2017
    risk 0.73cvss 9.8epss 0.76

    The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via…

  • CVE-2017-10700CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.02

    In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can execute arbitrary system commands as the root user of the NAS application.

  • CVE-2015-3431CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.04

    Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands via unspecified vectors, aka "Pydio OS Command Injection Vulnerabilities."

  • CVE-2014-9618CriSep 19, 2017
    risk 0.73cvss 9.8epss 0.73

    The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.

  • CVE-2014-9611CriSep 19, 2017
    risk 0.68cvss 9.8epss 0.13

    Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php.

  • CVE-2014-8174CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.03

    eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.

  • CVE-2017-10930CriSep 19, 2017
    risk 0.64cvss 9.8epss 0.01

    The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.

  • CVE-2017-14532CriSep 18, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.

  • CVE-2017-14512CriSep 17, 2017
    risk 0.64cvss 9.8epss 0.01

    NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an editforum action, a different vulnerability than CVE-2017-12981.

  • CVE-2017-14244CriSep 17, 2017
    risk 0.68cvss 9.8epss 0.17

    An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi.